CVE-2016-5573

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.

References

http://rhn.redhat.com/errata/RHSA-2016-2079.html

http://rhn.redhat.com/errata/RHSA-2016-2088.html

http://rhn.redhat.com/errata/RHSA-2016-2089.html

http://rhn.redhat.com/errata/RHSA-2016-2090.html

http://rhn.redhat.com/errata/RHSA-2016-2136.html

http://rhn.redhat.com/errata/RHSA-2016-2137.html

http://rhn.redhat.com/errata/RHSA-2016-2138.html

http://rhn.redhat.com/errata/RHSA-2016-2658.html

http://rhn.redhat.com/errata/RHSA-2016-2659.html

http://rhn.redhat.com/errata/RHSA-2017-0061.html

http://www.debian.org/security/2016/dsa-3707

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.securityfocus.com/bid/93628

http://www.securitytracker.com/id/1037040

http://www.ubuntu.com/usn/USN-3130-1

http://www.ubuntu.com/usn/USN-3154-1

https://access.redhat.com/errata/RHSA-2017:1216

https://security.gentoo.org/glsa/201611-04

https://security.gentoo.org/glsa/201701-43

https://security.netapp.com/advisory/ntap-20161019-0001/

Details

Source: MITRE

Published: 2016-10-25

Updated: 2020-09-08

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 8.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 1.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_121:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update111:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update101:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update102:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_121:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_111:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_101:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_102:*:*:*:*:*:*

Tenable Plugins

View all (52 total)

IDNameProductFamilySeverity
127348NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0111)NessusNewStart CGSL Local Security Checks
high
121660Photon OS 1.0: Openjdk PHSA-2016-0015NessusPhotonOS Local Security Checks
high
119988SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:3010-1)NessusSuSE Local Security Checks
high
111849Photon OS 1.0: Openjdk / Openjre / Postgresql PHSA-2016-0015 (deprecated)NessusPhotonOS Local Security Checks
high
101406Virtuozzo 7 : java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc (VZLSA-2017-0061)NessusVirtuozzo Local Security Checks
high
100094RHEL 6 : java-1.7.1-ibm (RHSA-2017:1216)NessusRed Hat Local Security Checks
critical
99840EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1080)NessusHuawei Local Security Checks
high
97051AIX Java Advisory : java_oct2016_advisory.asc (October 2016 CPU)NessusAIX Local Security Checks
high
97025Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)NessusAmazon Linux Local Security Checks
high
96640GLSA-201701-43 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
96526Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20170113)NessusScientific Linux Local Security Checks
high
96480RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2017:0061)NessusRed Hat Local Security Checks
high
96476Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2017-0061)NessusOracle Linux Local Security Checks
high
96457CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2017:0061)NessusCentOS Local Security Checks
high
95750openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1444)NessusSuSE Local Security Checks
high
95711SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:3078-1)NessusSuSE Local Security Checks
high
95710SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:3068-1)NessusSuSE Local Security Checks
high
95629Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3154-1)NessusUbuntu Local Security Checks
high
95623SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2016:3043-1)NessusSuSE Local Security Checks
high
95608SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2016:3041-1)NessusSuSE Local Security Checks
high
95607SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:3040-1)NessusSuSE Local Security Checks
high
95549openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1389)NessusSuSE Local Security Checks
high
95532openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1380)NessusSuSE Local Security Checks
high
95423SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:2953-1)NessusSuSE Local Security Checks
high
95311openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1357)NessusSuSE Local Security Checks
high
95294SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2887-1)NessusSuSE Local Security Checks
high
95023openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1335)NessusSuSE Local Security Checks
high
94977Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-771)NessusAmazon Linux Local Security Checks
high
94954Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3130-1)NessusUbuntu Local Security Checks
high
94740CentOS 5 / 6 / 7 : java-1.7.0-openjdk (CESA-2016:2658)NessusCentOS Local Security Checks
high
94627Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL6.x i386/x86_64 (20161107)NessusScientific Linux Local Security Checks
high
94624RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:2659)NessusRed Hat Local Security Checks
high
94623RHEL 5 / 6 / 7 : java-1.7.0-openjdk (RHSA-2016:2658)NessusRed Hat Local Security Checks
high
94621Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-2658)NessusOracle Linux Local Security Checks
high
94613Debian DSA-3707-1 : openjdk-7 - security updateNessusDebian Local Security Checks
high
94595GLSA-201611-04 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
94587Debian DLA-704-1 : openjdk-7 security updateNessusDebian Local Security Checks
high
9712Oracle Java SE 6 < Update 131 / 7 < Update 121 / 8 < Update 112 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
94510Ubuntu 16.04 LTS / 16.10 : openjdk-8 vulnerabilities (USN-3121-1)NessusUbuntu Local Security Checks
high
94501RHEL 5 : java-1.7.0-ibm (RHSA-2016:2138)NessusRed Hat Local Security Checks
high
94500RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:2137)NessusRed Hat Local Security Checks
high
94499RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2016:2136)NessusRed Hat Local Security Checks
high
94341Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-759)NessusAmazon Linux Local Security Checks
high
94190RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:2090)NessusRed Hat Local Security Checks
high
94189RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:2089)NessusRed Hat Local Security Checks
high
94188RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:2088)NessusRed Hat Local Security Checks
high
94151Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20161019)NessusScientific Linux Local Security Checks
high
94150RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2016:2079)NessusRed Hat Local Security Checks
high
94149Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2016-2079)NessusOracle Linux Local Security Checks
high
94140CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2016:2079)NessusCentOS Local Security Checks
high
94139Oracle Java SE Multiple Vulnerabilities (October 2016 CPU) (Unix)NessusMisc.
high
94138Oracle Java SE Multiple Vulnerabilities (October 2016 CPU)NessusWindows
high